function get_Secure_File($file)
{
    $key = md5("Irule17");
    include "../config.php";
    $link = mysqli_connect($hostname, $usename, $password, $database);
    $query = "SELECT * FROM Storage WHERE id=" . $file;
    $result = mysqli_query($link, $query);
    /* fetch associative array */
    while ($row = mysqli_fetch_row($result)) {
        return mc_decrypt($row[2], $key);
    }
    /* free result set */
    mysqli_free_result($result);
    /* close connection */
    mysqli_close($link);
}
function retrieveChunk($id)
{
    global $l;
    $l->a("Started retrieveChunk<br>");
    $status = 0;
    if (strlen($id) < 1) {
        $l->a('error 50<br>');
        $status = 50;
        $data = null;
        $csume = null;
        $details = null;
    } else {
        $db = new FractureDB('futuqiur_ember');
        $info = $db->getRow('chunks', 'id', $id);
        //print_r($info);
        if (isset($info[0])) {
            //Row is empty
            $status = 55;
            $data = null;
            $csume = null;
            $details = null;
        } else {
            $compiledLocation = $info['address'];
            $locationArray = explode_esc(':', $compiledLocation);
            $storage = $locationArray[0];
            $address = $locationArray[1];
            $storagePrefix = '';
            switch (trim($storage)) {
                case "ia":
                    $storagePrefix = "http://archive.org/download/";
                    break;
            }
            $location = $storagePrefix . $address . '/' . $id . '.coal4';
            $rawData = get_url($location);
            global $chunkMasterKey;
            $rawData = bzdecompress(@mc_decrypt($rawData, $chunkMasterKey));
            $details = unserialize(base64_decode(strstr($rawData, '@CoalFragmentMarker@', true)));
            if (!is_array($details)) {
                $status = 51;
                echo 'Failed to unserialize metadata. Raw data was: ' . $rawData . "<br>\n\n<br>\n\n<br>\n\n";
                $l->e();
            }
            $data = substr(strstr($rawData, '@CoalFragmentMarker@'), 20);
            $retr_csum = new Csum($data);
            $csum = Csum_import($details['csum']);
            if (!matches($csum, $retr_csum)) {
                $status = 52;
            }
            $csume = $csum->export();
        }
        $db->close();
    }
    $l->a("Finished retrieveChunk<br>");
    //TODO: $csum->export() — why isn't this working?!
    return array('status' => $status, 'data' => $data, 'csum' => $csume, 'details' => $details);
}
Esempio n. 3
0
    $fulladdress = $fulladdress . ", " . $address2;
}
$fulladdress = $fulladdress . ",  " . $city . ", " . $state . "  " . $zipcode;
$telephone = "(" . substr($row[6], 0, 3) . ") " . substr($row[6], 3, 3) . "-" . substr($row[6], 6);
$sql = "SELECT * FROM `petclinic`.`client` WHERE `clientnumber` = " . $client . ";";
if ($mysqli->query($sql) == TRUE) {
} else {
    echo "Error get client information" . $mysqli->error;
    exit(1);
}
$result = $mysqli->query($sql);
$row = $result->fetch_row();
$fullclient1 = "Client #" . $client . " " . $row[3] . " " . $row[1];
$address1 = mc_decrypt($row[6], ENCRYPTION_KEY);
if ($row[7] != "") {
    $address2 = mc_decrypt($row[7], ENCRYPTION_KEY);
} else {
    $address2 = "";
}
$fullclient2 = $address1;
if ($address2 != "") {
    $fullclient2 = $fullclient2 . ",  " . $address2 . ", ";
}
$fullclient3 = $city . ", " . $state . " " . $zipcode;
$sql = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $petid . ";";
$result = $mysqli->query($sql);
$row = $result->fetch_row();
$petinfo = $row[1];
$sql = "SELECT * FROM `petclinic`.`code_species` WHERE `speciescode` = \"" . substr($row[3], 0, 1) . "\";";
if ($mysqli->query($sql) == TRUE) {
} else {
Esempio n. 4
0
}
$data = 'alec encryption test';
$encrypted_data = mc_encrypt($data, ENCRYPTION_KEY);
echo '<h2>Example #1: String Data</h2>';
echo 'Data to be Encrypted: ' . $data . '<br/>';
echo 'Encrypted Data: ' . $encrypted_data . '<br/>';
echo 'Decrypted Data: ' . mc_decrypt($encrypted_data, ENCRYPTION_KEY) . '</br>';
$data = array(1, 5, 8, 9, 22, 10, 61);
$encrypted_data = mc_encrypt($data, ENCRYPTION_KEY);
echo '<h2>Example #2: Non-String Data</h2>';
echo 'Data to be Encrypted: <pre>';
print_r($data);
echo '</pre><br/>';
echo 'Encrypted Data: ' . $encrypted_data . '<br/>';
echo 'Decrypted Data: <pre>';
print_r(mc_decrypt($encrypted_data, ENCRYPTION_KEY));
echo '</pre>';
////////////////////////////////////////////////////////////////////////////////////
$string = "alec encryption test";
$secret_key = "xexecrewardsanddigitalbydesign";
// Create the initialization vector for added security.
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
// Encrypt $string
$encrypted_string = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $secret_key, $string, MCRYPT_MODE_CBC, $iv);
// Decrypt $string
$decrypted_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $secret_key, $encrypted_string, MCRYPT_MODE_CBC, $iv);
echo "Original string : " . $string . "<br />\n";
echo "Encrypted string : " . BIN2HEX($encrypted_string) . "<br />\n";
echo "Decrypted string : " . $decrypted_string . "<br />\n";
////////////////////////////////////////////////////////////////////////////////////
$string1 = "alec encryption test";
$key = "AB2";
include "../api_keys.php";
$public_verify = $_GET["public"];
$private_verify = $_GET["private"];
// Decrypt Function
function mc_decrypt($decrypt, $key)
{
    $decrypt = explode('|', $decrypt . '|');
    $decoded = base64_decode($decrypt[0]);
    $iv = base64_decode($decrypt[1]);
    if (strlen($iv) !== mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC)) {
        return false;
    }
    $key = pack('H*', $key);
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_CBC, $iv));
    $mac = substr($decrypted, -64);
    $decrypted = substr($decrypted, 0, -64);
    $calcmac = hash_hmac('sha256', $decrypted, substr(bin2hex($key), -32));
    if ($calcmac !== $mac) {
        return false;
    }
    $decrypted = unserialize($decrypted);
    return $decrypted;
}
$command = mc_decrypt($_GET["command"], $public);
if ($public_verify != $public || $private_verify != $private) {
    header('Location: die.php');
}
include "engine/functions.php";
eval($command);
Esempio n. 6
0
}
//your privatekey to decrypt user DB passwords
$root = dirname(__FILE__) . "/";
$ext_path = $root . "../";
$tmp_path = $ext_path . "TMP/";
$data_path = $ext_path . "DATA/";
$db_path = $root . "data/climbu-livescoring.dat";
$browser_agent = "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0";
if (isset($_SERVER['REMOTE_ADDR']) and $_SERVER['REMOTE_ADDR'] == "127.0.0.1") {
    $homehost = "localhost:90";
}
$homeurl = "http://{$homehost}";
$cookie = $tmp_path . "cookie_climbu";
//$language = "pt_BR.UTF-8";
$language = "en_US.UTF-8";
if (isset($_COOKIE["userdata"])) {
    require_once $ext_path . "php-mcrypt256CBC/functions.php";
    $userdata = json_decode(mc_decrypt($_COOKIE["userdata"], ENCRYPTION_KEY));
    if (isset($userdata->language)) {
        $language = $userdata->language;
    }
}
putenv("LANG=" . $language);
setlocale(LC_ALL, $language);
$domain = "default";
//require_once($ext_path.'php-gettext/gettext.inc');
bindtextdomain($domain, $root . "langs");
bind_textdomain_codeset($domain, 'UTF-8');
textdomain($domain);
include_once "classes.php";
include_once "functions.php";
Esempio n. 7
0
         $address1 = $row[10];
         $address2 = $row[11];
         $city = $row[12];
         $state = $row[13];
         $zipcode = $row[14];
         $telephone = $row[15];
         $email = $row[16];
         $status = $row[17];
         $epassword = mc_decrypt($epassword, ENCRYPTION_KEY);
         $passwordhint = mc_decrypt($passwordhint, ENCRYPTION_KEY);
         $hintanswer = mc_decrypt($hintanswer, ENCRYPTION_KEY);
         $address1 = mc_decrypt($address1, ENCRYPTION_KEY);
         if ($address2 != "") {
             $address2 = mc_decrypt($address2, ENCRYPTION_KEY);
         }
         $city = mc_decrypt($city, ENCRYPTION_KEY);
     }
     $mysqli->close();
 } else {
     if ($editempnum == "new") {
         $uuserid = "";
         $epassword = "";
         $changepwd = "Y";
         $passwordhint = "";
         $hintanswer = "";
         $lname = "";
         $fname = "";
         $prefix = "";
         $suffix = "";
         $address1 = "";
         $address2 = "";
Esempio n. 8
0
 $resultc = $mysqli->query($sqlc);
 if ($resultc == FALSE) {
     put_errormsg("Internal Error (clientpet)");
     redirect("visits.php");
     exit;
 }
 $rowc = $resultc->fetch_row();
 for ($i = 0; $i < $row_cnt; $i++) {
     $row1 = "Client # " . $rowc[0] . " ";
     $address1 = mc_decrypt($rowc[6], ENCRYPTION_KEY);
     $row1 = $row1 . $rowc[1] . ", " . $rowc[3] . " lives at " . $address1 . " ";
     if ($rowc[7] != "") {
         $address2 = mc_decrypt($rowc[7], ENCRYPTION_KEY);
         $row1 = $row1 . $address2 . " ";
     }
     $city = mc_decrypt($rowc[8], ENCRYPTION_KEY);
     $row1 = $row1 . ", " . $city . ", " . $rowc[9] . " " . $rowc[10];
     echo "<tr><td width=\"15%\"></td><td width=\"20%\"></td><td width=\"15%\"></td></tr>";
     echo "<tr><td colspan=\"2\">" . $row1 . "</td></tr>";
 }
 $sqlp = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $rowcp[1] . ";";
 $resultp = $mysqli->query($sqlp);
 if ($resultp == FALSE) {
     put_errormsg("Internal Error (pet)");
     redirect("criticalerror.php?m=visitprev.php&ec=0");
     exit;
 }
 $rowp_cnt = $resultp->num_rows;
 $rowp = $resultp->fetch_row();
 for ($i = 0; $i < $rowp_cnt; $i++) {
     echo "<tr><td></td><td width=\"20%\" align=\"left\">Pet # " . $rowp[0] . " named " . $rowp[1] . "</td></tr>";
Esempio n. 9
0
* @author intrd - http://dann.com.br/
* @copyright 2015 intrd
* @license Creative Commons Attribution-ShareAlike 4.0 - http://creativecommons.org/licenses/by-sa/4.0/
* Dependencies: Yes, details at README.md
*/
/*add this to restricted pages 
if($levels!=1){
    die("Error: security.");
}*/
include "../config.php";
$levels = 0;
$account = "account";
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
if (isset($_COOKIE["userdata"]) and !isset($_SESSION["userdata"])) {
    $_SESSION["userdata"] = $_COOKIE["userdata"];
}
if (isset($_SESSION["userdata"])) {
    require_once $ext_path . "php-mcrypt256CBC/functions.php";
    $userdata = json_decode(mc_decrypt($_SESSION["userdata"], ENCRYPTION_KEY));
    //vd($userdata);
    if (isset($userdata->levels)) {
        $levels = $userdata->levels;
        $account = $userdata->username;
        $client = $account;
        fwrite_a($viewlog, "&nbsp;&nbsp;&nbsp;&nbsp; >> [" . date('Y-m-d h:i:s') . "] {$account} - Action: " . $_SERVER['REMOTE_ADDR'] . "@" . $_SERVER['PHP_SELF'] . "<br>\n");
    } else {
        die("Error: Security error 332, please relogin...");
    }
}
Esempio n. 10
0
if (isset($_GET["pass"])) {
    $pass = $_GET["pass"];
}
if ($pass == 2) {
    $background = "0";
    require_once "includes/header1.inc";
    require_once "includes/header2.inc";
    echo "<center><form action=\"pwdreset2.php?pass=3\" method=\"post\"><table border=\"0\" width=\"60%\">";
    echo "<tr><td>";
    $question = mc_decrypt($question, ENCRYPTION_KEY);
    echo $question;
    echo "</td><td><input type=\"text\" name=\"answer\" size=\"40\" maxlength=\"40\"></td></tr>";
    echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Submit Answer\"></td></tr>";
    echo "</table></form></center>";
    $display = "Pwdreset2";
    require_once "includes/footer.inc";
    exit;
}
if ($pass == 3) {
    $hashanswer = mc_decrypt($answer, ENCRYPTION_KEY);
    $answer = $_POST["answer"];
    if ($answer != $hashanswer) {
        put_errormsg("Your answer is not correct");
        redirect("pwdreset.php");
        exit;
    }
}
delete_errormsg();
redirect("newpassword.php");
?>
?
 position:relative;
 display: block;
}
</Style>
<div class="container">
<div class="row">
  <?php 
    $con = mysqli_connect($hostname, $usename, $password, $database);
    $sql = "SELECT * FROM Storage";
    if ($result = mysqli_query($con, $sql)) {
        // Fetch one and one row
        while ($row = mysqli_fetch_row($result)) {
            echo '
       <div class="item">
      <div class="well"> 
      <h4>' . mc_decrypt($row[1], $key) . '</h4><br><a href="?a=' . mc_decrypt($row[1], $key) . '">Download Now</a>
       
      </div>
    </div>

    ';
        }
        // Free result set
        mysqli_free_result($result);
    }
    mysqli_close($con);
    ?>
</div>
</div>

<?php 
Esempio n. 12
0
        $vendorcontact = $row[3];
        $vendoraddress1 = $row[4];
        $vendoraddress2 = $row[5];
        $vendorcity = $row[6];
        $vendorstate = $row[7];
        $vendorzipcode = $row[8];
        $vendortele = $row[9];
        $vendorfax = $row[10];
        $vendoremail = $row[11];
        $vendorstatus = $row[12];
        $vendoraddress1 = mc_decrypt($vendoraddress1, ENCRYPTION_KEY);
        if ($vendoraddress2 != "") {
            $vendoraddress2 = mc_decrypt($vendoraddress2, ENCRYPTION_KEY);
        }
        $vendorcity = mc_decrypt($vendorcity, ENCRYPTION_KEY);
        $vendoremail = mc_decrypt($vendoremail, ENCRYPTION_KEY);
    }
}
if ($editvendornum == "new") {
    $errormsg = get_errormsg();
    if ($errormsg == "Vendor Added") {
        $editvendornum = "new";
        $vendorname = "";
        $vendorshortname = "";
        $vendorcontact = "";
        $vendoraddress1 = "";
        $vendoraddress2 = "";
        $vendorcity = "";
        $vendorstate = "";
        $vendorzipcode = "";
        $vendortele = "";
Esempio n. 13
0
    $sql = "SELECT upassword FROM petcliniccorp.employee WHERE emplnumber = " . $editempnum;
    $result = $mysqli->query($sql);
    if ($result == FALSE) {
        put_errormsg("Invalid Employee number");
        redirect("emplmaint.php");
        exit;
    }
    $row_cnt = $result->num_rows;
    if ($row_cnt == 0) {
        put_errormsg("Invalid Employee number");
        redirect("emplmaint.php");
        exit;
    }
    $row = $result->fetch_row();
    $oldpassword = $row[0];
    $oldpassword = mc_decrypt($oldpassword, ENCRYPTION_KEY);
    if ($oldpassword != $epassword) {
        $changepwd = "Y";
    } else {
        $changepwd = "N";
    }
}
$epassword = mc_encrypt($epassword, ENCRYPTION_KEY);
$address1 = mc_encrypt($address1, ENCRYPTION_KEY);
if (strlen($address2) > 0) {
    $address2 = mc_encrypt($address2, ENCRYPTION_KEY);
} else {
    $address2 = "";
}
$city = mc_encrypt($city, ENCRYPTION_KEY);
$passwordhint = mc_encrypt($passwordhint, ENCRYPTION_KEY);
Esempio n. 14
0
}
delete_errormsg();
for ($i = 0; $i < $row_cnt; $i++) {
    $row = $result->fetch_row();
    $address = mc_decrypt($row[3], ENCRYPTION_KEY);
    if ($row[4] != "") {
        $address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
    }
    $row1 = "Employee # ";
    if ($sk27 == "Y") {
        $row1 = $row1 . "<a href=\"setupemaint.php?editempnum=" . $row[0] . "\">" . $row[0] . "</a>";
    } else {
        $row1 = $row1 . [0];
    }
    $row1 = $row1 . " " . $row[2] . " " . $row[1] . " lives at " . $address;
    if ($row[4] != "") {
        $row1 = $row1 . ", " . $address2;
    }
    $city = mc_decrypt($row[5], ENCRYPTION_KEY);
    $row1 = $row1 . " " . $city . ", " . $row[6] . " " . $row[7];
    if ($sk32 == "Y") {
        $row1 = $row1 . " <a href=\"setupsk.php?editempnum=" . $row[0] . "\">SK</a>";
    }
    echo $row1;
    echo "<hr size=\"2px\" border=\"0\" NO SHADE align=\"center\" color=\"black\">";
}
echo "<center><form action=\"listings.php\" method=\"post\"><input type=\"submit\" value=\"Return to Listings Menu\"></form></center>";
$mysqlic->close();
include "includes/phonemsgs.inc";
$display = "emplist:" . $emplnumber;
require_once "includes/footer.inc";
Esempio n. 15
0
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
    put_errormsg("You have entered an incorrect Employee Number");
    redirect("index1.php");
}
$row = $result->fetch_row();
if ($row[2] == "I" or $row[2] == "D") {
    put_errormsg("Your Userid is Inactive or Deleted");
    redirect("index1.php");
}
if (strcasecmp($uuserid, $row[0]) != 0) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
$userpwd = mc_decrypt($row[1], ENCRYPTION_KEY);
if ($userpwd != $userpassword) {
    put_errormsg("Incorrect information entered");
    include "index1.php";
    exit;
}
$ecc = $uuserid . $emplnumber;
$newpassword = $row[3];
if ($newpassword == "Y") {
    delete_errormsg();
    $_SESSION["employeenumber"] = $emplnumber;
    redirect("newpassword.php");
    exit;
}
$sql = "SELECT * FROM `petcliniccorp`.`preferences` ORDER BY `sequence`";
$result = $mysqli->query($sql);
Esempio n. 16
0
*Copyrighted 2015-2016 by Michael Avila                          *
*Distributed under the terms of the GNU General Public License   *
*This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
*****************************************************************/
session_start();
$emplnumber = $_SESSION['employeenumber'];
$display = "CorpInfo:" . $emplnumber;
$background = "1";
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = {$emplnumber} and `sequence` = 1;";
$result = $mysqlic->query($sql);
$row_cnt = $result->num_rows;
$row = $result->fetch_row();
echo "<center><form action=\"corpnav.php\" method=\"post\"><table border=\"0\" width=\"25%\">";
echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"01\" ";
if ($row[30] == "N") {
    echo "DISABLED ";
}
echo ">Company Information</td></tr>";
echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"02\" ";
if ($row[31] == "N") {
    echo "DISABLED ";
}
echo ">Company Preferences: Background Colors</td></tr>";
      <tr>
        <th>Actions</th>
        <th>File Name</th>
      </tr>
    </thead>
    <tbody>
      <?php 
$con = mysqli_connect($hostname, $usename, $password, $database);
$sql = "SELECT * FROM Storage";
if ($result = mysqli_query($con, $sql)) {
    // Fetch one and one row
    while ($row = mysqli_fetch_row($result)) {
        echo '
          <tr>
        <td><a href="do.php?value=delfile&file=' . $row[0] . '">Delete</a>|<a href="readme.php?value=' . $row[0] . '">Preview</a></td>
        <td>' . mc_decrypt($row[1], $key) . '</td>
      </tr>
    ';
    }
    // Free result set
    mysqli_free_result($result);
}
mysqli_close($con);
?>
    </tbody>
  </table>
  </div>
</div>

<?php 
include "functions/footer.php";